I'd like to be able to connect my Android phone to public Wi-Fi points with unencrypted connections, but
People can see what I'm doing by intercepting my radio transmissions
People who own the access point can see what I'm doing.
There are tools like WeFi and probably others to automatically connect to access points, but I don't trust random APs. I'd like all my traffic to go through an encrypted tunnel to my home router, and from there out to the Internet.
I've done such tunnels from other computers with SSH/SOCKS and PPTP before. Is there any way to do this with Android?
I've asked the same question on Force Close, so I'll change this question to be about both sides of the tunnel. More specifically:
My phone now has CyanogenMod 4.2.3
My router currently has Tomato Version 1.25
I'm willing to change the router firmware, but I was having issues with DD-WRT disconnecting, which is why I'm using Tomato. Some possible solutions:
SSH with dynamic SOCKS proxy:
Android supposedly supports this through ConnectBot, but I don't know how to get it to route all traffic.
Tomato supports this natively.
I've been using this with MyEntunnel for my web browsing at work. Requires setting up each app to go through the proxy, though.
PPTP:
Android supports this natively.
Tomato does not support this, unless you get the jyavenard mod and compile it?
I previously used PPTP for web browsing at work and in China because it's native in Windows and DD-WRT. After a while I started having problems with it, then I started having problems with DD-WRT, so I switched to the SSH tunnel instead. Also it supposedly has security flaws, but I don't understand how big of a problem it is.
IPSec L2TP:
Android (phone) and Windows (work/China) both support this natively
I don't know of a router that does. I could run it on my computer using openswan, but then there are two points of failure.
OpenVPN:
CyanogenMod apparently includes this, and now has an entry to create a new OpenVPN in the normal VPN interface, but I have no idea how to configure it.
TunnelDroid apparently handles some of this.
Future versions will have native support in the VPN settings?
Tomato does not support this, but there are mods that do? I don't know how to configure this, either.
TomatoVPN
roadkill mod
SgtPepperKSU mod
Thor mod
I could also run a VPN server on my desktop, I guess, though that's less reliable and presumably slower than running it in the router itself. I could change the router firmware, but I'm wary of more fundamental things breaking. Tomato has been problem-free for the regular stuff.
Related: Anyone set up a SSH tunnel to their (rooted) G1 for browsing?
